Common Security: CDSA and CSSM, Version 2
Copyright © 1999 The Open Group

Frontmatter


Technical Standard
Common Security: CDSA and CSSM, Version 2
Document Number: C902
ISBN: 1-85912-236-1


©November 1999, The Open Group All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of the copyright owners.


Any comments relating to the material contained in this document may be submitted to The Open Group at:

The Open Group
Apex Plaza
Forbury Road
Reading
Berkshire, RG1 1AX
United Kingdom
or by electronic mail to:
OGSpecs@opengroup.org

Preface

The Open Group

The Open Group is the leading vendor-neutral, international consortium for buyers and suppliers of technology. Its mission is to cause the development of a viable global information infrastructure that is ubiquitous, trusted, reliable, and easy-to-use. The Open Group creates an environment where all elements involved in technology development can cooperate to deliver less costly and more flexible IT solutions.

Formed in 1996 by the merger of the X/Open Company Ltd. (founded in 1984) and the Open Software Foundation (founded in 1988), The Open Group is supported by most of the world's largest user organizations, information systems vendors, and software suppliers. By combining the strengths of open systems specifications and a proven branding scheme with collaborative technology development and advanced research, The Open Group is well positioned to meet its new mission, as well as to assist user organizations, vendors, and suppliers in the development and implementation of products supporting the adoption and proliferation of systems which conform to standard specifications.

With more than 200 member companies, The Open Group helps the IT industry to advance technologically while managing the change caused by innovation. It does this by:

The Open Group operates in all phases of the open systems technology lifecycle including innovation, market adoption, product development, and proliferation. Presently, it focuses on seven strategic areas: open systems application platform development, architecture, distributed systems management, interoperability, distributed computing environment, security, and the information superhighway. The Open Group is also responsible for the management of the UNIX trademark on behalf of the industry.

Development of Product Standards

This process includes the identification of requirements for open systems, development of Technical Standards (formerly CAE and Preliminary Specifications) through an industry consensus review and adoption procedure (in parallel with formal standards work), and the development of tests and conformance criteria.

This leads to the preparation of a Product Standard which is the name used for the documentation that records the conformance requirements (and other information) to which a vendor may register a product.

The "X" Device is used by vendors to demonstrate that their products conform to the relevant Product Standard. By use of the Open Brand they guarantee, through the Open Brand Trade Mark License Agreement (TMLA), to maintain their products in conformance with the Product Standard so that the product works, will continue to work, and that any problems will be fixed by the vendor.

Open Group Publications

The Open Group publishes a wide range of technical documentation, the main part of which is focused on development of Technical Standards and product documentation, but which also includes Guides, Snapshots, Technical Studies, Branding and Testing documentation, industry surveys, and business titles.

There are several types of specification:


In addition, The Open Group publishes:

Versions and Issues of Specifications

As with all live documents, Technical Standards and Specifications require revision to align with new developments and associated international standards. To distinguish between revised specifications which are fully backwards compatible and those which are not:

Corrigenda

Readers should note that Corrigenda may apply to any publication. Corrigenda information is published on the World-Wide Web at http://www.opengroup.org/corrigenda.

Ordering Information

Full catalog and ordering information on all Open Group publications is available on the World-Wide Web at http://www.opengroup.org/pubs.

This Document
This document is the CDSA Version 2.0 Technical Standard. It supersedes the CDSA Technical Standard which The Open Group published in December 1997.

The Common Data Security Architecture (CDSA) is a set of layered security services that address communications and data security problems in the emerging Internet and Intranet application space. It is designed to provide interoperable security standards covering the essential components of security capability.

The CDSA Technical Standard is organized into 15 parts, each addressing specific aspects of the architecture, and catering for the needs of several distinct audiences (see Intended Audience below). Due to this "parts" structure, there is a certain amount of duplication of information. However, it is considered that the benefit to the reader of presenting all the information they are likely to require within self-contained Parts outweighs any disadvantages in duplication of information.

Most of the parts are normative, defining programming interfaces. Those that are non-normative (descriptive, for added information) are clearly identified as such.

The 15 parts are as follows:

A glossary and index are also provided.

Intended Audience

Part 1 provides an overview of the CDSA for Independent Software Vendors (ISVs), Independent Hardware Vendors (IHVs), and platform vendors who develop security products as complete applications in a monolithic environment.

The intended audience for each part of this document is:

Part 2
This is intended for use by Independent Software Vendors (ISVs) who develop their own application code to interact with CSSM services. These ISVs are highly experienced software and security architects, advanced programmers, and sophisticated users, familiar with network operating systems and high-end cryptography. It is assumed that this audience is familiar with the basic capabilities and features of the protocols they are considering.

Part 3
This part covers Module Directory Services (MDS), which can be used by applications outside of CDSA. To this end, MDS is of interest to all application developers.

Part 4
This part is intended for use by Independent Software Vendors (ISVs) who develop exportable and importable application code to interact with CSSM services. These ISVs are highly experienced software and security architects, advanced programmers, and sophisticated users. They are also familiar with local and foreign government regulations on the use of cryptography and the implication of those regulations for their applications and products.

Part 5
This part is intended for Platform Vendors and Independent Software Vendors (ISVs) who want to enhance product security by including integrity and authentication checks in the core of their products. These developers must have a good understanding of:

It is also assumed that these developers have a working knowledge of signed manifests as digital credentials.

Part 6
This part is essential for all developers whose products involve the expression and/or validation of the integrity of a collection of digital objects. This includes those developing:

Part 7
This part is intended for Independent Software Vendors (ISVs) and application writers, who want to develop interoperable X.509 certificate services, regardless of which certificate library module is used to access the certificate.

Part 8
This part is intended for Independent Software Vendors (ISVs) who want to develop categories of security services different from the four basic CSSM service categories: trust policy, certificate library, data storage library, and cryptographic services. These ISVs should be highly experienced software and security architects and advanced programmers. This audience is familiar with high-end cryptography, digital certificates, and features of the security protocols they are considering.

Part 9
This part is intended for Independent Software Vendors (ISVs) who want to develop their own add-in modules to support one or more of the CSSM Service Provider Interfaces. These ISVs should be highly experienced software and security architects, advanced programmers, and sophisticated users. They are familiar with data storage systems, high-end cryptography, and digital certificates. It is assumed that this audience is familiar with the basic capabilities and features of the protocols they are considering.

Part 10
This part is intended for Independent Software Vendors (ISVs) who want to develop CSSM add-in service modules providing cryptographic services such as digital signing and verification, encryption and decryption, digesting, key generation, and random number generation. These developers must have a thorough understanding of:

It is also assumed that these developers have a working knowledge of how the cryptographic services they provide can be used to provide integrity, authentication, confidentiality, and non-repudiation of data and actions.

Part 11
This part is intended for security software developers who want to develop their own Trust Policy module. These developers should be familiar with cryptography and digital certificates. This document assumes the reader is familiar with the basic capabilities and features of security protocols associated with authentication, integrity and privacy. These developers should be highly experienced software architects, advanced programmers, or sophisticated users, who have a strong understanding of public-key infrastructures.

Part 12
This part is intended for Independent Software Vendors (ISVs) who want to use the CDSA's Authorization Computation module to implement an authorization evaluation mechanism based on caller inputs. These inputs will include the assumptions forming the basis of the caller's policy, the request for which authorization is being checked, and the credentials, samples, and exhibits that could demonstrate authorization to perform the request.

Part 13
This part is intended for Independent Software Vendors (ISVs) who want to develop add-in service modules providing creation and manipulation of digital certificates and certificate revocation lists through the CSSM APIs. These developers should have a strong understanding of:

It is also assumed that these developers are knowledgeable users of cryptographic services.

Part 14
This part is intended for Independent Software Vendors (ISVs) who want to develop CSSM add-in service modules providing persistent storage for security-related objects, such as digital certificates, certificate revocation lists, cryptographic keys, and security policy statements. These developers should have a strong understanding of:

It is also assumed that these developers have a working knowledge of cryptographic services.

Part 15
This part is intended for Independent Software Vendors (ISVs) who will develop products that provide key recovery services through the CSSM APIs. These ISVs are highly experienced software and security architects and advanced programmers. They are also familiar with local and foreign government regulations on the use of cryptography and the implication of those regulations for their products.

History
The following history is for clarification purposes, in recognition that there is possibility of confusion over the version numbering assigned to CDSA documents and software.

This is The Open Group's CDSA Version 2.0 Technical Standard, November 1999.

In December 1997 The Open Group published its first CDSA Technical Standard. This CDSA Version 2.0 supersedes the CDSA December 1997 document.

In February 1998, Intel released a series of documents, all called "Common Data Security Architecture xx Specification, Release 1.2 February 1998". Titles in this Intel release included Application Programming Interface (API), Data Storage Library Interface (DLI), Add-in Module Structure and Administration, Cryptographic Service Provider Interface (SPI), Trust Policy Interface (TPI), and Certificate Library Interface (CLI). Those who licensed the reference software for this Intel documentation release 1.2 have not unnaturally referred to their implementations of it as version 1.2 of CDSA.

In May 1999, Intel released a document called "Common Security Services Manager, Application Programming Interface (API) Specification, CDSA Version 2.0 release 3.0". This had review status only.

Trademarks

Motif®, OSF/1®, UNIX®, and the "X Device"® are registered trademarks, and IT DialTone™ and The Open Group™ are trademarks, of The Open Group in the U.S. and other countries.

Other product and corporate names may be trademarks of other companies and are used only for explanation and to the owner's benefit, without intent to infringe.

Acknowledgements

The Open Group gratefully acknowledges the co-operative effort of participating industry leaders, led by Intel Architecture Labs., on this Common Data Security Architecture (CDSA) specification. This work was initiated by Intel Architecture Labs., and led to the development of CDSA and CSSM, having attained the support and participation of organizations such as Apple, Entrust, Hewlett-Packard, IBM, Motorola, Netscape, Sun, and Trusted Information Systems, together with the many member organizations of the PKI (Public Key Infrastructure) Task Group, who met regularly under the auspices of The Open Group.

The Open Group particularly acknowledges the detailed work contributed by Apple Computer Corporation, Intel Architecture Labs. and the IBM Corporation, to the development of this CDSA Version 2 Technical Standard.

Referenced Documents

The following documents are referenced in this Technical Standard:

ASN.1

ITU-T Recommendation X.200: Abstract Syntax Notation One (ASN.1).

BER

ITU-T Recommendation X.209: Basic Encoding Rules for Abstract Syntax Notation One (ASN.1).

BSAFE

BSAFE Cryptographic Toolkit, RSA Data Security, Inc., Redwood City, CA.

Cryptography

Applied Cryptography, Second Edition, Protocols, Algorithms, and Source Code in C, Bruce Schneier: John Wiley & Sons, Inc., 1996.

Cryptography Usage

Handbook of Applied Cryptography, Menezes, A., Van Oorschot, P., and Vanstone, S., CRC Press, Inc., 1997.

DER

ITU-T Recommendation X.690: Distinguished Encoding Rules.

DSA

Federal Information Procurement Standard (FIPS) 186, Digital Signature Standard.

Key Escrow

A Taxonomy for Key Escrow Encryption Systems, Denning, Dorothy E., and Branstad, Dennis, Communications of the ACM, Vol 39, No. 3, March 1996.

OIW

Stable Implementation Agreements, Open Systems Environment Implementors Workshop, June 1995.

PKCS

The Public-Key Cryptography Standards, RSA Laboratories, RSA Data Security, Inc., Redwood City, CA.

PKIX

Public Key Infrastructure Certificate Management Protocols, IETF PKIX Working Group, 1996.

SDSI

SDSI: A Simple Distributed Security Infrastructure, R. Rivest and B. Lampson, 1996.

SHA

Federal Information Procurement Standard (FIPS) 180, Secure Hash Algorithm.

SPKI

Simple Public Key Infrastructure, Internet Draft: draft-ietf-spki-cert-structure-03.txt

X.509

ITU-T Recommendation X.509: The Directory-Authentication Framework, 1988.

License Agreement for CDSA Specifications

THIS LICENSE AGREEMENT IS IN RESPECT OF THE COMPILATION OF 15 SPECIFICATIONS RELATING TO COMMON DATA SECURITY ARCHITECTURE "(CDSA)" AND COMMON SECURITY SERVICES MANAGER "(CSSM)", PUBLISHED TOGETHER BY THE OPEN GROUP UNDER THE TITLE "COMMON SECURITY: CDSA AND CSSM, Version 2", DOCUMENT NUMBER C902, ISBN 1-85912-236-1 ("THE SPECIFICATION").

YOU CANNOT USE THIS SPECIFICATION ("THE SPECIFICATION") FOR SOFTWARE DEVELOPMENT UNTIL YOU HAVE CAREFULLY READ AND AGREED TO THE FOLLOWING TERMS AND CONDITIONS. THE PERSON WHO ORIGINALLY ACQUIRED THIS PUBLICATION THROUGH THE WORLD-WIDE WEB OR AS HARD COPY EXPLICITLY AGREED TO THESE TERMS AND CONDITIONS. AS THE READER OF THIS DOCUMENT YOU ARE BOUND BY THE SAME TERMS. THE TERMS OF THIS LICENSE AGREEMENT ALSO APPLY TO REVISIONS OF THIS SPECIFICATION MADE AVAILABLE TO YOU BY THE OPEN GROUP.

LICENSE: The Open Group grants you a non-exclusive copyright license to read and display the Specification, and to use the Specification to develop and distribute a conformant software implementation of the Specification on the terms set out in this Agreement. For the avoidance of doubt, this License does not authorize you to edit, republish or distribute the Specification or create any derivative work therefrom.

CONFORMANCE: A software implementation must be and remain a complete and conformant implementation of the CSSM. A conforming implementation of CSSM provides and supports all the application programming interfaces and service provider interfaces defined in the Specification, and for each elective module the implementation must provide and support all the application programming interfaces and service provider interfaces for that module. A software implementation of CSSM may be tested for conformance using the CDSA Conformance Test Suite ("the Test Suite"), available from The Open Group web site. You are not permitted to use the Test Suite for any other purpose, nor to disclose or make any claim that any product has "passed" the Test Suite test. You can not make any claims that your software product conforms to CDSA or CSSM or the Specification unless such product is registered under the Open Brand program.

LIABILITY: THE SPECIFICATION AND ANY OTHER MATERIALS PROVIDED BY THE OPEN GROUP UNDER THIS AGREEMENT ARE PROVIDED "AS IS", AND THE OPEN GROUP MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AND EXPRESSLY DISCLAIMS ANY WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS AND FITNESS FOR A PARTICULAR PURPOSE.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE OPEN GROUP HEREBY EXCLUDES ALL LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE, ARISING OUT OF OR RELATING TO THE USE BY ANY PERSON OF THE SPECIFICATION OR ANY OTHER MATERIAL PROVIDED HEREUNDER. IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY INDIRECT OR CONSEQUENTIAL LOSSES INCLUDING, WITHOUT LIMITATION, ANY LOSS OF PROFITS, CONTRACTS, PRODUCTION OR USE.

TERMINATION OF THIS LICENSE: The Open Group may terminate this license at any time if you are in breach of any of its terms and conditions. Upon termination, you will immediately cease use of the Specification.

APPLICABLE LAW: This Agreement is governed by the laws of England and Wales, and you hereby agree to the non-exclusive jurisdiction of the English courts.

